Name of the Vulnerable Software and Affected Versions rails-session-decoder versions (affected versions not specified)

Description The issue is related to the missing verification of the Message Authentication Code appended to the cookies in the rails-session-decoder module. This omission may lead to the decryption of cipher text, thus exposing encrypted information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.